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DETAILED A CTION 

1 . This action is responsive to: an original application filed on 28 July 2006. 

2. Claims 1-18 are currently pending and claims 1, 2, 3, 7, 8, 10, 13, 14, 15, 16 and 
77 are independent claims. 

3 . Pre-amendment has been conceder by the Examiner. 

Information Disclosure Statement 

4. The Information Disclosure Statement (IDS) submitted on 9/4/2008, 6/24/2008, 
2/7/2008, and 7/28/2006 are in compliance with the provisions of 37 CFR 1.97. 
Accordingly, the IDS statement is being considered by the examiner. 

Priority 

5. Acknowledgment is made of applicant's claim for foreign priority under 35 
U.S.C. 119(a)-(d). The certified copy has been filed in parent Application No. 2004- 
029928 (Japan) filed on 5 February 2004. 

Specification 

6. This application does not contain an abstract of the disclosure as required by 37 
CFR 1 .72(b). An abstract on a separate sheet is required. 

Claim Rejections - 35 USC § 103 

7. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1-18 are rejected under 35 U.S.C. 103(a) as being unpatentable over Grecsek 
Mathew (US Patent No. 6088801), hereinafter Grecsek and in view of Matsubara et al. 
(US Patent No. 71 2391 4), hereinafter Matsubara. 
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In regard to claim 1, Grecsek discloses: 

- registering means for registering information on whether a function of a 
received program is permitted to be used (Grecsek, col 4, lines 14-19, "The results from 
decision box 40 can then be used to automatically grant access, shown in box 50, to a 
process that does not violate policy 200 or to deny access, shown in box 60, to a process 
that violates policy 200. The results can also be presented to the user. If access is granted, 
process 10 may be permitted to execute"); 

- receiving means for receiving a program and function information indicating 
a function used in the program (Grecsek, col 3, lines 59-62, "A file type can be 
specified using a file extension, which is the alphanumeric characters following the 
period in the file name. A file type can be associated with a process that automatically 
services it"); 

- determining means for determining, by comparing function information 
received by the receiving means and information registered by the registering means, 
whether a program received by the receiving means includes a function not permitted 
to be used (Grecsek, Abstract, "The method comprises the steps of assessing the software 
process to determine what capabilities it possesses, maintaining one or more policies 
which list potential capabilities and corresponding authorizations for one or more 
contexts, and a unit for comparing the software process capabilities with a policy"). 

- outputting means for outputting a result determined by the determining means 
(Grecsek, col 3, lines 31-34, "The results of the evaluation may be passed to a policy 
enforcer 117, which grants or denies process 110 access to virtual machine 120 and 
resources 130 based on a policy"), where result is the output. 

Grecsek does not explicitly teach networking with relay device, however in a 
relevant art Matsubara discloses use of relay device (see Abstract). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 
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In regard to claim 2, Grecsek discloses: 

- registering means for registering information on whether a function of a 
received program is permitted to be used (Grecsek, col 4, lines 14-19, "The results from 
decision box 40 can then be used to automatically grant access, shown in box 50, to a 
process that does not violate policy 200 or to deny access, shown in box 60, to a process 
that violates policy 200. The results can also be presented to the user. If access is granted, 
process 10 may be permitted to execute"); 

- receiving means for receiving a program and function information indicating 
a function used in the program (Grecsek, col 3, lines 59-62, "A file type can be 
specified using a file extension, which is the alphanumeric characters following the 
period in the file name. A file type can be associated with a process that automatically 
services it"); 

- determining means for determining, by comparing function information 
received by the receiving means and information registered by the registering means, 
whether to execute a program received by the receiving means (Grecsek, Abstract, "The 
method comprises the steps of assessing the software process to determine what 
capabilities it possesses, maintaining one or more policies which list potential capabilities 
and corresponding authorizations for one or more contexts, and a unit for comparing the 
software process capabilities with a policy"); 

- executing means for executing a program if the determining means 
determines to execute the program (Grecsek, Abstract, "A method and apparatus for 
managing the risk of executing a software process on a computer by programmatically 
determining the capabilities of the software process before it executes and determining 
whether these capabilities are authorized within an access control policy"). 

Grecsek does not explicitly teach networking relay device, however in a relevant 
art Matsubara discloses use of relay device (see Abstract). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 
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In regard to claim 3, Grecsek discloses: 

- registering means for registering information on whether a function of a 
received program is permitted to be used (Grecsek, col 4, lines 14-19, "The results from 
decision box 40 can then be used to automatically grant access, shown in box 50, to a 
process that does not violate policy 200 or to deny access, shown in box 60, to a process 
that violates policy 200. The results can also be presented to the user. If access is granted, 
process 10 may be permitted to execute"); 

- receiving means for receiving a program and function information indicating 
a function used in the program (Grecsek, col 3, lines 59-62, "A file type can be 
specified using a file extension, which is the alphanumeric characters following the 
period in the file name. A file type can be associated with a process that automatically 
services it"); 

- determining means for determining, by comparing function information 
received by the receiving means and information registered by the registering means, 
whether to execute a program received by the receiving means (Grecsek, Abstract, "The 
method comprises the steps of assessing the software process to determine what 
capabilities it possesses, maintaining one or more policies which list potential capabilities 
and corresponding authorizations for one or more contexts, and a unit for comparing the 
software process capabilities with a policy"); 

- outputting means for outputting a message asking whether to execute a 
program while limiting available functions, if the determining means determines not to 
execute the program operating means (Grecsek, col 3, lines 24-29, "An object of the 
invention is to provide a means for determining the capabilities of process 110 before it 
executes. It is also an object of the invention to provide a means for enforcing a policy 
based on these capabilities. FIG. 2, illustrates how the invention accomplishes these 
objects"); 

- executing means for executing a program if execution of the program is 
instructed via the operating means in response to a message outputted by the 
outputting means (Grecsek, col 4, lines 28-37, " In this description, capabilities 
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assessment 20 is performed immediately prior to execution of process 110. However, the 
capabilities assessment may be generated at any time prior to execution resulting in a list 
of capabilities which can be included with the process itself or possibly maintained by a 
third party. This list can then be evaluated by policy enforcer 117 prior to execution of 
process 110. Capabilities assessor 115 and policy enforcer 117 can also be part of virtual 
machine 120"); 

- limiting means for limiting functions available in a program executed by the 
executing means, in accordance with information registered by the registering means 

(Grecsek, Abstract, "The capabilities define what functions a software process can 
perform in the context of a virtual machine"). 

Grecsek does not explicitly teach networking with relay device, however in a 
relevant art Matsubara discloses use of relay device (see Abstract). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 

In regard to claim 4, claim 2 is incorporated and Grecsek disclose: 

- wherein the determining means compares the function information received 
by the receiving means and the information registered by the registering means, and if 
a function not permitted to be used is not used by the program received by the receiving 
means, permits execution of the program (Grecsek, Abstract, "The method comprises 
the steps of assessing the software process to determine what capabilities it possesses, 
maintaining one or more policies which list potential capabilities and corresponding 
authorizations for one or more contexts, and a unit for comparing the software process 
capabilities with a policy"). 

In regard to claim 5, claim 1 is incorporated and Grecsek disclose: 

- registering means for registering information on whether a function of a 
received program is permitted to be used (Grecsek, col 4, lines 14-19, "The results from 
decision box 40 can then be used to automatically grant access, shown in box 50, to a 
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process that does not violate policy 200 or to deny access, shown in box 60, to a process 
that violates policy 200. The results can also be presented to the user. If access is granted, 
process 10 may be permitted to execute"); 

- the function information is information on a function contained in the 
program received by the receiving means (Grecsek, Abstract, "The capabilities define 
what functions a software process can perform in the context of a virtual machine"). 

In regard to claim 6, claim 1 is incorporated and Grecsek disclose: 

- wherein the registering means registers information on whether a resource of 
a received program is permitted to be accessed (Grecsek, col 4, lines 41-46, "For 
example, a policy may authorize access to a process with more capabilities created from a 
trusted originator than an untrusted originator. Policy enforcer 117 may use 
authentication and code signing techniques, or other integrity strategies to establish its 
trustworthiness, to ensure that process 1 10 is in fact from the expected source"); 

- the function information is information on a resource accessed in accordance 
with the program received by the receiving means (Grecsek, col 3, lines 3-5, "A 
capability is one or more instructions executed by a virtual machine 120 on computer 100 
to perform a function as might occur in a computer program or interpreted script"). 

In regard to claim 7, Grecsek discloses: 

- registering means for registering information on-on whether a function of a 
program provided via a network is permitted to be used (Grecsek, col 4, lines 14-19, 
"The results from decision box 40 can then be used to automatically grant access, shown 
in box 50, to a process that does not violate policy 200 or to deny access, shown in box 
60, to a process that violates policy 200. The results can also be presented to the user. If 
access is granted, process 10 may be permitted to execute"); 

- first receiving means for receiving, before receiving a program, function 
information indicating a function used in the program (Grecsek, col 3, lines 35-38, "A 
policy contains a list of potential capabilities that process 110 may possess and 
authorizations indicating which capabilities are acceptable. FIG. 4 illustrates a possible 
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data structure for a policy 200 to store a capabilities list 210 and a corresponding 
authorizations list 220"); 

- determining means for determining whether to receive a program, by 
comparing function information received by the first receiving means and information 
registered by the registering means (Grecsek, Abstract, "A method and apparatus for 
managing the risk of executing a software process on a computer by programmatically 
determining the capabilities of the software process before it executes and determining 
whether these capabilities are authorized within an access control policy"); 

- second receiving means for receiving a program if the determining means 
determines to receive the program (Grecsek, col 2, lines 40-47, "This invention is 
directed to managing the risk of executing software processes. It is an object of the 
invention to provide a method for determining the capabilities of a software process 
before it executes. It is another object of the invention to provide a method for managing 
access to the resources of a computer using a capabilities-based policy. Further objects 
and advantages will become apparent from consideration of the ensuing description"); 

- executing means for executing a program received by the second receiving 
means (Grecsek, col 3, lines 2-16, "A capability is one or more instructions executed by a 
virtual machine 120 on computer 100 to perform a function as might occur in a computer 
program or interpreted script. ... machine 120 is an interface to computer 100 and 
resources 130 and may itself be a process. Computer 100 may be any programmable 
device"); 

Grecsek does not explicitly teach networking with relay device, however in a 
relevant art Matsubara discloses use of relay device (see Abstract). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 

In regard to claim 8, Grecsek discloses: 

- registering means for registering information on whether a function of a 
received program is permitted to be used (Grecsek, col 4, lines 14-19, "The results from 
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decision box 40 can then be used to automatically grant access, shown in box 50, to a 
process that does not violate policy 200 or to deny access, shown in box 60, to a process 
that violates policy 200. The results can also be presented to the user. If access is granted, 
process 10 may be permitted to execute"); 

- receiving means for receiving a program, function information indicating a 
function used in the program, and destination information indicating a destination of 
the program (Grecsek, col 4, lines 14-19, "The results from decision box 40 can then be 
used to automatically grant access, shown in box 50, to a process that does not violate 
policy 200 or to deny access, shown in box 60, to a process that violates policy 200. The 
results can also be presented to the user. If access is granted, process 10 may be permitted 
to execute"); 

Grecsek does not explicitly teach sending/receiving relay information, 
networking with relay device; however in a relevant art Matsubara discloses use of relay 
device (see Abstract and col 2, lines 56-67 and col 3, lines 1-20 ). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 

In regard to claim 9, claim 8 is incorporated and Grecsek disclose: 

- wherein the determining means compares the function information received 
by the receiving means and the information registered by the registering means, and if 
a function not permitted to be used is not used in the program received by the receiving 
means, permits relay of the program (Grecsek, Abstract, "The capabilities define what 
functions a software process can perform in the context of a virtual machine. The method 
comprises the steps of assessing the software process to determine what capabilities it 
possesses, maintaining one or more policies which list potential capabilities and 
corresponding authorizations for one or more contexts, and a unit for comparing the 
software process capabilities with a policy"). 



In regard to claim 10, Grecsek discloses: 
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- registering means for registering information on whether a function of a 
program provided via a network is permitted to be used (Grecsek, col 4, lines 14-19, 
"The results from decision box 40 can then be used to automatically grant access, shown 
in box 50, to a process that does not violate policy 200 or to deny access, shown in box 
60, to a process that violates policy 200. The results can also be presented to the user. If 
access is granted, process 10 may be permitted to execute"); 

- determining means for determining, by comparing function information 
received by the receiving means and information registered by the registering means, 
whether a function not permitted to be used is used in a program received by the 
receiving means (Grecsek, Abstract, "The method comprises the steps of assessing the 
software process to determine what capabilities it possesses, maintaining one or more 
policies which list potential capabilities and corresponding authorizations for one or more 
contexts, and a unit for comparing the software process capabilities with a policy"). 

Grecsek does not explicitly teach sending/receiving relay information, 
networking with relay device; however in a relevant art Matsubara discloses use of relay 
device (see Abstract and col 2, lines 56-67 and col 3, lines 1-20 ). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 

In regard to claim 11, claim 8 is incorporated and Grecsek discloses: 

- registering means for registering information on whether a function of a 
received program is permitted to be used (Grecsek, col 4, lines 14-19, "The results from 
decision box 40 can then be used to automatically grant access, shown in box 50, to a 
process that does not violate policy 200 or to deny access, shown in box 60, to a process 
that violates policy 200. The results can also be presented to the user. If access is granted, 
process 10 may be permitted to execute"); 

- receiving means for receiving a program and function information indicating 
a function used in the program (Grecsek, col 3, lines 59-62, "A file type can be 
specified using a file extension, which is the alphanumeric characters following the 
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period in the file name. A file type can be associated with a process that automatically 
services it"); 

- wherein the registering means registers information on whether a function of 
the program provided via a network is permitted to be used (Grecsek, col 4, lines 14-19, 
"The results from decision box 40 can then be used to automatically grant access, shown 
in box 50, to a process that does not violate policy 200 or to deny access, shown in box 
60, to a process that violates policy 200. The results can also be presented to the user. If 
access is granted, process 10 may be permitted to execute"); 

- the function information is information on a function contained in the 
program received by the receiving means (Grecsek, Abstract, "The capabilities define 
what functions a software process can perform in the context of a virtual machine"). 

In regard to claim 12, claim 8 is incorporated and Grecsek discloses: 

- wherein the registering means registers information on whether a resource in 
the program provided via a network is permitted to be accessed (Grecsek, col 2, lines 
43-45, "It is another object of the invention to provide a method for managing access to 
the resources of a computer using a capabilities-based policy"); 

- the function information is information on a resource accessed in accordance 
with the program received by the receiving means (Grecsek, col 3, lines 3-5, "A 
capability is one or more instructions executed by a virtual machine 120 on computer 100 
to perform a function as might occur in a computer program or interpreted script"). 

In regard to claim 13, Grecsek discloses: 

- A program for causing a computer to execute: a first step of receiving a 
program and function information indicating a function used in the program (Grecsek, 
col 3, lines 59-62, "A file type can be specified using a file extension, which is the 
alphanumeric characters following the period in the file name. A file type can be 
associated with a process that automatically services it"); 

- a second step of determining, by comparing function information received in 
the first step and information on whether a function of a received is permitted to be 
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used, which is pre-registered in memory, whether a function not permitted to be used is 
used in a program received in the first step (Grecsek, col 4, lines 14-19, "The results 
from decision box 40 can then be used to automatically grant access, shown in box 50, to 
a process that does not violate policy 200 or to deny access, shown in box 60, to a process 
that violates policy 200. The results can also be presented to the user. If access is granted, 
process 10 may be permitted to execute"); 

- a third step of outputting a determination result in the second step (Grecsek, 
col 3, lines 31-34, "The results of the evaluation may be passed to a policy enforcer 117, 
which grants or denies process 110 access to virtual machine 120 and resources 130 
based on a policy"), where result is the output. 

Grecsek does not explicitly teach receiving relay information, however in a 
relevant art Matsubara discloses use of relay device (see Abstract and col 2, lines 56-67 
and col 3, lines 1-20). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 

In regard to claim 14, Grecsek discloses: 

- A program for causing a computer to execute: a first step of receiving a 
program and function information indicating a function used in the program (Grecsek, 
col 3, lines 59-62, "A file type can be specified using a file extension, which is the 
alphanumeric characters following the period in the file name. A file type can be 
associated with a process that automatically services it"); 

- a second step of determining, by comparing function information received in 
the first step and information on whether a function of a received program is permitted 
to be used, which is pre-registered in memory, whether to execute a program received 
in the first step (Grecsek, col 2, lines 42-44, ". It is an object of the invention to provide a 
method for determining the capabilities of a software process before it executes"); 
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- a third step of executing a program if it is determined in the second step to 
execute the program (Grecsek, col 3, lines 24-27, " An object of the invention is to 
provide a means for determining the capabilities of process 1 10 before it executes"). 

Grecsek does not explicitly teach receiving relay information, however in a 
relevant art Matsubara discloses use of relay device (see Abstract and col 2, lines 56-67 
and col 3, lines 1-20). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 

In regard to claim 15, Grecsek discloses: 

- A program for causing a computer to execute: a first step of receiving, before 
receiving a program, function information indicating a function used in the program 
(Grecsek, col 3, lines 2-10, "A capability is one or more instructions executed by a virtual 
machine 120 on computer 100 to perform a function as might occur in a computer 
program or interpreted script. If a certain function requires a particular sequence of 
instructions and process 110 does not contain these instructions then process 110 cannot 
perform the function. Process 1 10 is defined by one or more capabilities, each capability 
being defined by one or more instructions"), where "sequence is the steps if execution. 

- a second step of determining, by comparing function information received in 
the first step and information on whether a function of a received program is permitted 
to be used, which is pre-registered in memory, whether to receive a program associated 
with the function information (Grecsek, col 3, lines 10-13, "Prior to execution, process 
110 is simply data and cannot perform any function until executed. Process 110 may be 
executed directly by the user or indirectly by some other process already executing on 
computer 100"); 

- a third step of receiving a program if it is determined in the second step to 
receive the program (Grecsek, col 3, lines 24-27, " An object of the invention is to 
provide a means for determining the capabilities of process 110 before it executes"). 
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- a fourth step of executing a program received in the third step (Grecsek, col 3, 
lines 2-10, "A capability is one or more instructions executed by a virtual machine 120 on 
computer 100 to perform a function as might occur in a computer program or interpreted 
script. If a certain function requires a particular sequence of instructions and process 110 
does not contain these instructions then process 1 10 cannot perform the function. Process 
1 10 is defined by one or more capabilities, each capability being defined by one or more 
instructions"); 

Grecsek does not explicitly teach receiving relay information, however in a 
relevant art Matsubara discloses use of relay device (see Abstract and col 2, lines 56-67 
and col 3, lines 1-20). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 

In regard to claim 16, Grecsek discloses: 

- A program for causing a computer to execute: a first step of receiving a 
program, function information indicating a function used in the program, and 
destination information indicating a destination of the program (Grecsek, col 3, lines 
43-50, "An authorization 220 can be as simple as a one bit flag indicating that the 
corresponding capability 210 is either acceptable or not, or it can specify additional 
criteria for more comprehensive rules as described below. Usually a policy is decided by 
the person or organization who has authority over computer 100. The concerns in 
deciding a policy depend on the operational requirements"); 

- a second step of determining, by comparing function information received in 
the first step and information on whether a function of a program provided via a 
network is permitted to be used, which is pre-registered in memory, whether to relay a 
program received in the first step (Grecsek, col 3, lines 34-39, "A policy contains a list 
of potential capabilities that process 110 may possess and authorizations indicating which 
capabilities are acceptable. FIG. 4 illustrates a possible data structure for a policy 200 to 
store a capabilities list 210 and a corresponding authorizations list 220"); 
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- a third step of sending a program to a destination designated by destination 
information received in the first step, if it is determined in the second step to relay of 
program (Grecsek, col 3, lines 64-67 and col 4, lines 1-6, "Capabilities assessor 115 
evaluates the functional potentiality of process 10 by scanning it for certain tokens, such 
as keywords or byte codes, that represent particular capabilities as shown in box 20. For 
example, in a script where source code is executed, capabilities assessor 115 might search 
for capability keywords such as FILE or PRINT and create a list of capabilities found 
using various parsing and compiler techniques known in the art. Some embodiments 
might end here, simply displaying or communicating the results of the capabilities 
assessment"); 

Grecsek does not explicitly teach networking with relay device; however in a 
relevant art Matsubara discloses use of relay device (see Abstract and col 2, lines 56-67 
and col 3, lines 1-20). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, mainly for auto reboot capability. 

In regard to claim 17, Grecsek discloses: 

- A program for causing a computer to execute: a first step of receiving a 
program, function information indicating a function used in the program, and 
destination information indicating a destination of the program (Grecsek, col 4, lines 
14-19, "The results from decision box 40 can then be used to automatically grant access, 
shown in box 50, to a process that does not violate policy 200 or to deny access, shown in 
box 60, to a process that violates policy 200. The results can also be presented to the user. 
If access is granted, process 10 may be permitted to execute"); 

- a second step of determining, by comparing function information received in 
the first step and information on whether a function of a program provided via a 
network is permitted to be used, which is pre-registered in memory, whether a function 
not permitted to be used is used in a program received in the first step (Grecsek, col 4, 
lines 14-19, "The results from decision box 40 can then be used to automatically grant 
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access, shown in box 50, to a process that does not violate policy 200 or to deny access, 
shown in box 60, to a process that violates policy 200. The results can also be presented 
to the user. If access is granted, process 10 may be permitted to execute"); 

- a third step of sending a determination result in the second step and a 
program to a destination designated by destination information received in the first 
step, if it is determined in the second step to relay the program (Grecsek, col 3, lines 31- 
34, "The results of the evaluation may be passed to a policy enforcer 117, which grants or 
denies process 110 access to virtual machine 120 and resources 130 based on a policy"), 
where result is the output. 

Grecsek does not explicitly teach USING RELAY, however in a relevant art 
Matsubara discloses use of relay device (see Abstract and col 2, lines 56-67 and col 3, 
lines 1-20). 

It would have been obvious to a person having ordinary skill in the art at the time 
the invention was made to use Matsubara invention modify Grecsek so that network can 
be monitor or control remotely, Mainly auto reboot. 

In regard to claim 18, claim 13 is incorporated and Grecsek discloses: 

- A computer-readable storage medium recording a program according Claim 
13 (Grecsek, col 3, lines 37-39, "FIG. 4 illustrates a possible data structure for a policy 
200 to store a capabilities list 210 and a corresponding authorizations list 220"). 

Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure (see form "PTO-892 Notice of Reference Cited"). 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Monjour Rahim whose telephone number is (571)270- 
3890. The examiner can normally be reached on 5:30 AM -3:30 PM (Mo-Th). 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on (571)272-381 1. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO 
Customer Service Representative or access to the automated information system, call 
800-786-9199 (in USA or CANADA) or 571-272-1000. 

/Monjour Rahim/ 
Patent Examiner 
Art Unit: 2434 
Date: 01/15/2009 

/Kambiz Zand/ 

Supervisory Patent Examiner, Art Unit 2434 



